Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hacker Falsely Claiming to Breach FireEye Arrested, CEO Says

The hacker who falsely claimed to have breached FireEye — it was just the personal online accounts of one employee — was arrested by international law enforcement and taken into custody on October 26, FireEye CEO Kevin Mandia said Wednesday.

The hacker who falsely claimed to have breached FireEye — it was just the personal online accounts of one employee — was arrested by international law enforcement and taken into custody on October 26, FireEye CEO Kevin Mandia said Wednesday.

“These attackers rarely, if ever get caught and therefore I’m pleased, that in this case we’re able to impose repercussions for the attacker and achieve a small victory for the good guys,” Mandia said during a conference call.

He did not provide the name for the hacker, nor the location for the arrest. In July 2017, the hacker made grandiose claims that he was part of a new LeakTheAnalyst operation aimed at doxing the security professionals who hunt hackers. “Let’s trash their reputation in the field,” he posted to Pastebin. In reality, he had little of any value, taken from the online accounts of one FireEye employee.

According to FireEye’s CFO Frank Verdecanna, the incident is not thought to have had any significant negative effect on FireEye’s financial performance over the last three months, beyond the internal cost and time required to investigate the hacker’s claims. “I don’t want to underestimate the unfairness of the situation of an anonymous person making false claims,” Mandia told CRN. “You have to prove the negative, which is really annoying.”       

The hacker’s arrest was announced at FireEye’s Q3 Earnings Results Conference Call on Wednesday. While Q3 performance was a little better than expected, FireEye is still yet to report a profit since it went public in 2013. During Q3, the net loss attributable to shareholders narrowed to $72.9 million (41 cents per share) from $123.4 million (75 cents per share) a year earlier.

This would indicate that FireEye is moving in the right direction. However, investors were disappointed in the forecasts made for Q4. “For Q4, we’re now expecting billings in the range of $210 million to $230 million, and revenue in the range of $190 million to $196 million,” announced Verdecanna. He believes that the firm is on track to deliver non-GAAP operating profitability in Q4.

Investors evidently hoped for better. Analysts, on average, were expecting total revenue of about $195.6 million, at the top end of FireEye’s forecast, according to Thomson Reuters I/B/E/S. The effect was an immediate tumble in share price on NASDAQ in aftermarket trading (at the time of publishing, it is down 12%).

In publicity terms, it has been a challenging period for FireEye. Apart from the alleged hack and the new tumble in share price, it has been employed to investigate the massive Equifax breach. While this is positive, the firm reportedly removed a case study from its website where Equifax endorsed FireEye for protecting it from zero-day attacks. However, FireEye’s technology is typically used to protect against advanced malware attacks that leverage zero-day vulnerabilities in popular operating systems and business applications such as Microsoft Office and Adobe Flash. The Equifax hack was pulled off by leveraging a vulnerability in Apache Struts, which was used by a web application and allowed the attack to happen assumingly without requiring malware to be used.

Advertisement. Scroll to continue reading.

One positive area for FireEye is strong growth in sales of its new Helix product announced in November 2016. Helix helps accelerate incident response with automation and orchestration by leveraging detection capabilities from FireEye’s Endpoint Security (HX) and Network Security (NX) engines, along with FireEye iSIGHT Intelligence.

“Both FireEye as a service and iSIGHT threat intelligence had strong quarters, and we added 57 new Helix customers bringing the total to 71,” announced Verdecanna. It remains slow progress for FireEye, but it still expects to report profits in 2018.

FireEye went public in September 2013, with the share price immediately soaring by more than 90% before settling at around $38.74. At the time of writing this, it is $14.45. FireEye purchased Mandiant for $1 billion in January 2014. Mandiant’s Kevin Mandia took over as CEO at FireEye in June 2016. 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Wendi Whitmore has taken the role of Chief Security Intelligence Officer at Palo Alto Networks.

Phil Venables, former CISO of Google Cloud, has joined Ballistic Ventures as a Venture Partner.

David Currie, former CISO of Nubank and Klarna, has been appointed CEO of Vaultree.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.